Adds IP entries to a network access control list (ACL).
Usage notes
- Each ACL can contain one or more IP addresses or CIDR blocks. Take note of the following
limits on ACLs:
- The maximum number of IP entries that can be added to an ACL with each Alibaba Cloud account at a time: 20
- The maximum number of IP entries that each ACL can contain: 1,000
- The AddEntriesToAcl operation is asynchronous. After you send a request, the system returns a request
ID, but the operation is still being performed in the background. You can call the
ListAclEntries operation to query the status of an IP entry:
- If the ACL is in the Adding state, the IP entry is being added.
- If the ACL is in the Available state, the IP entry is added.
Debugging
Request parameters
| Parameter | Type | Required | Example | Description |
|---|---|---|---|---|
| Action | String | Yes | AddEntriesToAcl |
The operation that you want to perform. Set the value to AddEntriesToAcl. |
| AclId | String | Yes | nacl-hp34s2h0xx1ht4nwo**** |
The ID of the ACL. |
| AclEntries.N.Description | String | No | test-entry |
The description of the IP entry. The description must be 2 to 256 characters in length, and can contain letters, digits, and the following special characters: , . ; / @ _ -. You can add up to 20 IP entries in each call. |
| AclEntries.N.Entry | String | Yes | 10.0.1.0/24 |
The CIDR block of the IP entry. You can add up to 20 IP entries in each call. |
| ClientToken | String | No | 5A2CFF0E-5718-45B5-9D4D-70B3FF3898 |
The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must make sure that it is unique among different requests. ClientToken can contain only ASCII characters. Note If you do not set this parameter, the system uses RequestId as ClientToken. The value of RequestId may be different for each API request.
|
| DryRun | Boolean | No | false |
Specifies whether to check the request without performing the operation. Valid values:
|
Response parameters
| Parameter | Type | Example | Description |
|---|---|---|---|
| JobId | String | 72dcd26b-f12d-4c27-b3af-18f6aed5**** |
The ID of the asynchronous task. |
| RequestId | String | 365F4154-92F6-4AE4-92F8-7FF34B540710 |
The ID of the request. |
Examples
Sample requests
http(s)://[Endpoint]/?Action=AddEntriesToAcl
&AclId=nacl-hp34s2h0xx1ht4nwo****
&AclEntries=[{"Description":"test-entry","Entry":"10.0.1.0/24"}]
&ClientToken=5A2CFF0E-5718-45B5-9D4D-70B3FF3898
&DryRun=false
&Common request parametersSample success responses
XML format
HTTP/1.1 200 OK
Content-Type:application/xml
<AddEntriesToAclResponse>
<JobId>72dcd26b-f12d-4c27-b3af-18f6aed5****</JobId>
<RequestId>365F4154-92F6-4AE4-92F8-7FF34B540710</RequestId>
</AddEntriesToAclResponse>JSON format
HTTP/1.1 200 OK
Content-Type:application/json
{
"JobId" : "72dcd26b-f12d-4c27-b3af-18f6aed5****",
"RequestId" : "365F4154-92F6-4AE4-92F8-7FF34B540710"
}Error codes
| HttpCode | Error code | Error message | Description |
|---|---|---|---|
| 400 | ResourceAlreadyExist.AclEntry | The specified resource %s already exists. | The error message returned because the specified %s resource already exists. |
| 400 | ResourceQuotaExceeded.AclEntriesNum | The quota of %s is exceeded for resource %s, usage %s/%s. | The error message returned because the quota %s of the specified resource %s is exhausted. The current usage is %s. |
| 404 | ResourceNotFound.Acl | The specified resource %s is not found. | The error message returned because the specified resource %s does not exist. |
For a list of error codes, visit the Error Center.